Articles about Security

How can consumers stay secure as payment systems evolve? [Q&A]

Chip and pin card reader

Data breaches continue to make the news on a regular basis and payment details are high on the hacker’s shopping list when it comes to protecting information. We reported yesterday on Intel introducing a new secure solution for protecting payments and card providers are engaged in a continuing arms race to stay secure. The latest part of this is the introduction of more secure EMV (EuroPay, MasterCard and Visa) compliant payment terminals around the world. Banks are issuing the new chip cards as current cards expire or need replacement. Retailers are installing new chip-enabled terminals.

As the holiday shopping season approaches keeping your details safe as you hit the shops is at the top of many people's thoughts. We spoke to Carolyn Balfany, SVP, Product Delivery and EMV of payment card specialists MasterCard to find out about what consumers can do to help protect themselves as they shop.

Continue reading

Thieves beware: Android 5.0 Lollipop packs kill switch

lock key smartphone iPhone

We have known for quite some time that the next incarnation of Android will pack a kill switch. This feature has long been requested, as it would prevent unauthorized reuse and, therefore, make a serious dent in smartphone and tablet theft. It is even imposed under Californian law, going into effect next year. But even though Google has not mentioned it yet, the kill switch is indeed baked into Android 5.0 Lollipop.

The kill switch in Android 5.0 Lollipop is officially known as "Factory reset protection", and is offered as an opt-in feature which only works in conjunction with a passcode. After it is enabled, the user's credentials (Google account and password) are required in order to reset the device, to allow a person other than the original user to use the device as intended.

Continue reading

The best tools for removing malware 2014

Malware spy

Independent testing organization AV-Comparatives has released the results of its latest Real World Protection and File Detection tests showing which security products perform best at dealing with malware.

The Real World Protection test results are based on over 600 live threats including drive-by downloads, malicious URLs, and infected email attachments. 22 products were tested and rated against the 'out of the box' protection provided by Windows (80.4 percent).

Continue reading

New Intel technology helps safeguard the payment process

Happy shopper card

Recent high profile data breaches involving retailers have led many people to have doubts about the security of transactions.

Chip maker Intel has today announced a new data protection technology that will both address these concerns and help speed up the roll out of internet of things devices in retail environments.

Continue reading

Cloud-based security and why it's here to stay

cloud security

As the popularity of cloud services has grown, so have concerns over the security of the data that's stored on them. This has led security vendors to adapt and develop solutions for the new environment.

A new report by security company NSS Labs looks at the rise of cloud security solutions and at the business demands driving their adoption, as well as the limitations and potential hidden costs in their use and recommendations for enterprises.

Continue reading

Thinking unconventionally is how you protect an entity the size of Google


We are at the 27th annual Information Security Solutions Europe Conference (ISSE), one of Europe's largest gatherings of cyber security experts.

Stephen Somogyi of Google Safe Browsing gave an amazing keynote speech about how Google goes about protecting its billions of users around the world. Here are some of the highlights:

Continue reading

Bitcoin will do nicely -- the state of Russian cyber crime

Russia flag magnifier

Banking fraud is down, mobile threats are up and cryptocurrency is the preferred payment method in the world of Russian cyber criminals.

Fraud prevention and cyber crime investigation specialist Group-IB has released a report on the Russian high-tech crime market in 2014. The report provides detailed assessments of the who, what, where and how of high-tech crime, who is behind what crimes, where they originate and who they target.

Continue reading

Tracking and tackling Ebola using mobile phone surveillance

Tracking and tackling Ebola using mobile phone surveillance

Mention web or mobile surveillance, and you're sure to raise a few hackles. But the current Ebola outbreak is showing that the data collected from handsets can be extremely useful. The idea of tackling a disease with 'big data' gathered from mobile phones might seem a little odd, but it's actually an incredibly valuable source of information. Telecom firms such as Orange have been working with data scientists, using anonymized data gathered from phones to track population movement in regions affected by Ebola.

The BBC points out that even in relatively poor countries in Africa, mobile phone ownership is still high. Experts have been able to use this data to determine the best places to set up treatment centers, and it's an idea that has been pounced upon by the CDC.

Continue reading

Mozilla will make Firefox 34 immune to POODLE, releases fix for older versions

Security Lock

Google yesterday disclosed a major security vulnerability it has found in the SSL 3.0 encryption protocol, that is still employed by many sites across the web, despite long being superseded. Dubbed POODLE (Padding Oracle On Downgraded Legacy Encryption), it allows attackers to steal private data, like cookies, and, possibly, use it to access user accounts on vulnerable sites. The search giant says its Chrome browser should be safe, but warns that others may be vulnerable.

Firefox is one of the vulnerable ones. To address this issue, Mozilla reveals that the upcoming version -- Firefox 34, to be exact -- will feature code which makes it immune to the POODLE attack. For those who use lesser versions of the open-source browser -- most users, basically -- the organization provides an optional fix.

Continue reading

Don't overlook the most important cloud storage feature: Security


The craze in the world of cloud storage today seems to be rolling out lists of additional features that match the features of every competitor out there, and presenting them as new and improved. Every company strives to be appear as the best possible cloud option on the market by continually adding "new" features right alongside competitors, and in all of the competition it can be a simple mistake to overlook what these features actually mean.

Before you let these lists of newly-added features dazzle you into choosing one specific cloud storage option over another, do a little research into what these features actually do. You might be surprised to find that many aren’t precisely new ideas, and they don’t increase the most important cloud storage aspect of all: secure file storage.

Continue reading

Security alert: Google drops SSL 3.0 after POODLE attack discovery

Security alert: Google drops SSL 3.0 after POODLE attack discovery

Google's security team has discovered a vulnerability in SSL 3.0 which can be exploited to steal secure cookies and other data. The 15 year old technology is still used as a fallback when connection problems occur as it helps maintain backward compatibility, but the security problems mean that Google will start to phase out support. Details of the exploit have been published and Chrome has today been tweaked to disable SSL 3.0 fallback.

Bodo Möller from Google's security team points out that this move will "break some sites" and that they will need to be updated. This does present some compatibility issues, and the advice is to support TLS_FALLBACK_SCSV instead, at least for the time being.

Continue reading

Security firms have created the next dot com bubble by 'scaring their customers'

Security firms 'scaring their customers' has created the next dot com bubble

There are too many security firms offering insufficient security. At least that's what Ilia Kolochenko, CEO and founder of High-Tech Bridge thinks. He points to the splitting of Symantec as proof that security companies are struggling, and suggests that the emergence of so many firms competing for attention is the start of a new dot com bubble that could burst at any moment.

Security is important to both home computer users and enterprise businesses. There is a huge amount of money to be made in the field, so it is perhaps little wonder that the number of companies muscling in on the market is on the increase. Kolochenko says that at the end of the century a lot of tech companies sprang up overnight and "most of these businesses were designed to create artificial problems or boost non-existent demand in order to make quick money. They didn't actually solve any real problems". There is a danger that the same could happen in the security world.

Continue reading

Public cloud security flaws: who’s viewing your files?

Cloud spy

Secure cloud storage is a challenge facing many professionals today, especially small and mid-sized businesses. It’s clear that the cloud is going to stick around for a long time, and so everyone is looking for a way to get on board with it while still protecting their professional data.

But, the unfortunate truth about public cloud storage is that you can’t control who handles your data or how it is protected. If you choose the wrong service, your company files are exposed to the dangers of hackers, data leaks, seizure, and nosy cloud employees. It’s difficult to know who is looking at your data, but if you know the risks and costs that come with different services and cloud functions, you can better protect your privacy.

Continue reading

Organizations struggle to balance security with systems integration

scales of justice

Many organizations are failing to meet data security and governance requirements according to a new Ovum survey sponsored by data flow specialist Axway.

The results reveal that 23 percent have failed a security audit in the past three years and 17 percent lack confidence in their ability to pass one today. It also puts the average cost of a data breach at $350 per record.

Continue reading

Why hackers love the holiday season [Q&A]

Credit card gift bow

Recent high profile security breaches involving retailers like Target and Neiman Marcus mean that people are increasingly aware they may be vulnerable when shopping online. Yet many don't fully understand the landscape that lies behind hacking and why it’s such a lucrative business.

With Christmas and its associated e-commerce peak fast approaching we spoke to Kelly Yee, Vice President of secure email provider Penango who has a wealth of security systems experience in both the public and private sectors. Here are her views on how hackers work and how we can guard against becoming victims over the holiday season.

Continue reading

© 1998-2014 BetaNews, Inc. All Rights Reserved. Privacy Policy.